synced/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2025-07-03 16:13:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore: Allow RecordingAuthorizer to record multiple rbac authz calls (#6024)

Browse Source 
* chore: Allow RecordingAuthorizer to record multiple rbac authz calls

Prior iteration only recorded the last call. This is required for
more comprehensive testing
This commit is contained in:
Steven Masley
2023-02-03 13:03:46 -06:00
committed by GitHub
parent 571f5d0e02
commit b359dbbd8b
9 changed files with 720 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
coderd/rbac/authz.go
View File

@ -15,6 +15,7 @@ import (
"github.com/coder/coder/coderd/rbac/regosql"
"github.com/coder/coder/coderd/tracing"
"github.com/coder/coder/coderd/util/slice"
)
// Subject is a struct that contains all the elements of a subject in an rbac
@ -26,6 +27,25 @@ type Subject struct {
Scope ExpandableScope
}
func (s Subject) Equal(b Subject) bool {
if s.ID != b.ID {
return false
}
if !slice.SameElements(s.Groups, b.Groups) {
return false
}
if !slice.SameElements(s.SafeRoleNames(), b.SafeRoleNames()) {
return false
}
if s.SafeScopeName() != b.SafeScopeName() {
return false
}
return true
}
// SafeScopeName prevent nil pointer dereference.
func (s Subject) SafeScopeName() string {
if s.Scope == nil {